- Aug 17, 2014
- 11,114
Researchers discovered a new phishing campaign that abuses QR codes to redirect targets to phishing landing pages, effectively circumventing security solutions and controls designed to stop such attacks in their tracks.
The crooks behind the phishing attacks which targeted French Cofense customers used a URL encoded in a QR code to circumvent security software which analyzes and blocks suspicious or blacklisted domains.
The phishing emails were camouflage as a SharePoint email with a "Review Important Document" subject line and a message body which would invite potential victims "Scan Bar Code To View Document."
Phishing email
Radar Phishing Using QR Codes to Evade URL Analysis | Cofense
Phishing attacks evolve over time, and attacker frustration with technical controls is a key driver in the evolution of phishing tactics.
cofense.com
